Microsoft wants Automatic Update for Windows 917
Edward Dao writes "After the embarassment of last week's blaster worm, Microsoft is weighing the possibility of automatic update. Microsoft not only wants to upload the latest patch on to users' computer but also installing it for them." This will work out really well for everyone I'm sure. Yikes! Can I at least press 'Ok' first?
And we kept wondering ... (Score:5, Insightful)
Now we know: MS will do it for you. How kind of them!
Bandwidth (Score:5, Insightful)
Granted, by the time this is incorporated into the OS, phone line users may be in the minority but until then
Re:Not such a bad idea (Score:5, Insightful)
As long as there are no automatic EULA changes (Score:5, Insightful)
Sure, some people might want to turn it off, but by and large I think there would be less damage with it on. I rarely meet a person who even knows what MS Update *is* let alone have used it.
I wonder how well this would work on dialup though? It seems like the world is really leaving dialup folks behind. I have cable myself but know a lot of people on dialup either because high speed is not available to them or because they really don't need a fulltime connection, and are getting by just fine on a $5/month dialup plan.
MSBlaster (Score:5, Insightful)
How is this bug more of a bummer than how gnuftp was compromised and potentially more damaging? Oh, don't hear people moaning about that on here now do you...?
The tale is telling, is it not?
Re:Not such a bad idea (Score:5, Insightful)
Bad Idea. (Score:5, Insightful)
This is a huge mistake. Talk about a support nightmare. I recently spent several hours trying to find out why my machine was freezing intermittently, only to find that Update 811493 was to blame. I uninstalled it and everything worked perfectly-- if they make it mandatory, and have a similiar problem what do we do? (Switch to Mac or Linux, right?)
For the record, there's still no way to tell Microsoft I NEVER want this update. If I use "auto update" at all it downloads it and wants to install. So, now I'm stuck using manual update or my machine might freeze up again.
Just great.
Great (Score:3, Insightful)
If you think this is a bad idea, then you don't realize just how stupid the great mass of computer users are. I'm sure Microsoft will make this in a way that will allow anyone who knows what they are doing to turn this feature off. But it will kill viruses and worms that exploit windows holes, that's for sure. I can't recall one that's come out in years where the patch hadn't already existed, but that users were too stupid to download.
Besides, I'm sure that recent power outages spooked Microsoft for at least a few moments. They thought: Could this have been a computer problem? Not even Microsoft has that kind of money were it to be found liable.
Re:Not such a bad idea (Score:2, Insightful)
This is already the case...
Re:oh yeah? (Score:5, Insightful)
Two things from the article:
And...
So... only for home users and users can shut it off!
So don't freak out too much... maybe this will actually help... think if this had been in effect for slammer... we keep bitching that the 'patch was available, why didn't people use it!'... well, this would fix that problem.
One other thing from the article:
Now that makes sense!
Re:Not such a bad idea (Score:2, Insightful)
Also, from the article:
The next version of Windows, which analysts expect to be completed in late 2004, could be the first to let the Auto Update feature download patches from Microsoft without requiring the user's explicit approval. Microsoft is also considering whether to make the Auto Update mandatory earlier, through an interim upgrade known as a service pack
and
Harris Miller, president of the Information Technology Association of America, applauded Microsoft for considering the move.
"People are going to have to accept mandatory updates as part of the warranty process, and that's exactly what Microsoft should be doing," Miller said. "You can't just send out a recall notice and hope that people come into the shop and do their maintenance."
I didn't see anything anywhere in the article that said business users or technically savvy home users would be given the option of disabling the forced update.
Re:Not such a bad idea (Score:5, Insightful)
Microsoft are MORONS. The fix for this particular worm required SP2 or greater. That is 8 hours and 10 minutes over dialup.
Windowsupdate is a god send for people with broadband but MS are going to be required to send CDs in the mail if they want to keep dial-up users up to speed.
Re:Not such a bad idea (Score:5, Insightful)
Re:Not such a bad idea (Score:5, Insightful)
Re:Not such a bad idea (Score:5, Insightful)
Re:Not such a bad idea (Score:3, Insightful)
Trust (Score:3, Insightful)
Sure the tech savvy users like those who frequent slashdot (and we're ignoring the rabid fascist anti-MS zealots here) will not like the idea - but the problem that Microsoft is having is that even the general public are starting to mistrust them.
A case in point is the abysmal failure of Passport. Sure it has hundreds of users, but nearly all of them were forced into getting it because they wanted a hotmail account. Very few people actually store all their personal details on there.
Until they get the trust issue sorted, people are never going knowingly let them take control.
Bad, Bad idea (Score:5, Insightful)
First of all is their patches. They sure as hell aren't 100%. So one day your favorite program might work, and the next day it might not. All wihtout you doing anything. This is why businesses take a while to evaluate patches.
Secondly, what if there is an exploitable bug(and there will be at least one). Every windows machine out there might be downloading viruses instead of updates. If someone were to reverse engineer the network interface, and hack a couple DNS servers, they could have all those users downloading whatever they wanted, even illegal things, or viruses, hacks, anything.
Plus there's the privacy issues. I konw that right now windowsupdate could send MS anything anyway, but if we all expect it to update any time it wants, we have no controls at all on our system, MS could send an update to lock you out of your own system if they suspect you of something, or just for the hell of it.
While I don't expect this to actually go through, its important to be wary of just how abusive such a system could be.
P.S. I, for one, welcome our new windowsupdate.microsoft.com masters.
Who is liable? Will it reboot too? (Score:2, Insightful)
What if the machine is in a small or home-office business handling some critical task and the Automatic Update causes a failure or some data to be lost? Will M$ be liable and pay damages? Doubtful.
If the patch requires a reboot, will it also automatically reboot the machine?
I can see so many ways this is going to cause all kinds of problems.
My guess is that the "Home" version of the OS will have automatic update turned on by default, and probably difficult to turn off since M$ users don't know how to do anything for themselves, therefore if they try to turn this off they must really be trying to turn it on so they'll leave it on. (Hmm, that sounds kind of like turning off DCOM but it still being active).
The "Pro" of "Office" or "Server" or whatever they call the more expensive version used by IT departments will probably have this turned off so automatic update doesn't take out people's networks. Especially people big enough to be more than just a minor irritant.
Can you image a Fortune 100 company having 1/3 or 1/2 of it's systems down and its IT department totally consumed and in knots trying to fix a problem that looks like a virus. First just a couple of systems would have problems, but as their clocks hit a certain time and the Auto Update goes out and installs the new code, more and more systems fail.
And then there are the systems that report they have the update installed, but really they don't for whatever reason. Following NTBugTraq on this last virus has been more interesting than for past viruses. Several systems had DCOM turned off, all the tools said it was off, but the systems were still vulnerable. Other systems reported the patch was installed, but they were still vulnerable.
This auto update sounds like such a can of worms. M$ may just be giving more people the push they need to check out alternatives. Here's hoping.
Re:Bandwidth (Score:3, Insightful)
umpteen mb/s broadband connection. It would be nice if occasionally marketing types (and some geeks for that matter) would remember this
simple fact.
Well, yes. (Score:5, Insightful)
"The company is 'looking very seriously' at requiring future versions of Windows to accept automatic software fixes unless the user specifically refuses to receive them..."
So yes you can "at least press Ok first." Although I'm sure CmdrTaco has nothing to worry about, since he doesn't run Windows any more, which I suppose is why he didn't read the article.
Personally, I think that this would probably be a responsible move on their part (and Bruce Schneier apparently agrees with me). I especially like the fact that they're going to start shipping Windows with the firewall enabled. As far as I'm concerned, no one should be worried as long as you can disable automatic updates and disable the firewall (though I think they should make it slightly non-obvious how to do so, so that the people this is intended to benefit won't turn it off). After all, you don't leave Windows exactly as it comes off the CD, do you? Hopefully, you'll also be able to create corporate install CDs with these features disabled if need be.
There are only two things that concern me:
1. Broken patches: What if, as has happened in the past, an update breaks the auto-update mechanism? Then they'll be pretty well stuffed. I'm not sure what to say about that other than "don't do that."
2. Dial-up users: As the article mentions, SP1a is big. Really big. I mean, you might think that the OpenOffice download is big, but that's just peanuts compared to...right. However, that was a combination of many small patches, and just like many other things in life, if people had updated incrementally as they should have, they wouldn't have a need for a giant update. Hopefully, MS will be able to keep the patch size down, and we can watch 2003 to see if they can keep the frequency down as well.
(Yes, I now have to care about Microsoft products again, which is annoying, but I might as well make the best of it).
Re:MSBlaster (Score:5, Insightful)
Re:Not such a bad idea (Score:3, Insightful)
So you make the software update so that you agree to a EULA the first time you run it. As long as there are no changes, the patched get installed automatically. Any patch that brings a change to the EULA will not install. It would be downloaded, but a message would pop up saying that there is an update, and make you agree to the new EULA before it is installed.
At any rate, I think the EULA changes come with things like new versions of the Media Player and the like. Those shouldn't be done automatically anyway. Only security patches should be automatic.
As long as there is a way to disable it, I don't see why this would be a problem. The users who don't care about this are exactly the people that need it anyway.
Just Remember: (Score:2, Insightful)
Re:MSBlaster (Score:5, Insightful)
Re:Not such a bad idea (Score:5, Insightful)
"People are going to have to accept mandatory updates as part of the warranty process,"
Since when does Microsoft include a warranty on Windows?
Re:This is better than OS X (Score:5, Insightful)
Actually, it's quite good. You'll note that it's emulating only the X11 libraries, really even only the X11 server itself. The slowdown of having X apps pass through that layer also occurs on Linux, *BSD, or any other OS. KDE and GNOME may be open standards, but they're not as nice-looking as Aqua, and the WindowServer that runs Apple's windowing system, is, AFAIK, part of Darwin, and thus open.
Darwin is not a kernel, Mach is the kernel. You'll note that it's the same micro-kernel that GNU Hurd uses, and if Hurd isn't Unix, what is (nowadays)? Darwin may be based on FreeBSD, but the kernel is Mach, which isn't. Also, you seem to be overlooking that most Linux programs are compiled for Intel processors, not PowerPCs. Thus, they wouldn't run anyways. However, most do compile with little or no modification. Netinfo is never used directly. Requests are handeled by lookupd, which uses Netinfo, but searches flat files (/etc/passwd, /etc/hosts, etc.) first. Netinfo also allows networks that share common printers, hosts, network configuration, users, mounts, etc. to be constructed easily. Unlike the registry, Netinfo is documented, and has manipulation utilities, for both the command line and the GUI. And, it's never gotten fscked up (for me.) Mac hardware may be expensive, but- it's better. Even the Linux people who use Linux on Macs agree it's faster, better, etc. on a Mac. Macs are more durable, featureful, more standard, and "just work" more and don't work less.
Okay, find music for that cheap on Linux (while still supporting the artisit. It's hard. The music industries wouldn't stand for a service without DRM, and you'll note Apple is pretty darn nice. Unlimited CD burns (but no more that 10 for the same playlist), 3 computers, unlimited iPods. Plus, AACs are MPEG-4, which is darn good quality, and darn small file size. I would never use Windoze, and always like Linux. But for me, Mac OS X is a great UNIX, and is all I need it to be.
It would seem youhaven't taken a close enough look at Mac OS X.
Moderators: Mod me down troll all you want, but mod the parent down troll as well.Re:Trust (Score:2, Insightful)
Sure the tech savvy users like those who frequent slashdot (and we're ignoring the rabid fascist anti-MS zealots here) will not like the idea - but the problem that Microsoft is having is that even the general public are starting to mistrust them.
I don't believe the general public has any sort of misplaced paranoia about windows updates. If Microsoft turns on autmatic updates, and installs the patches automatically, the general user will probably not even know, never mind start thinking about some duplicitous intention on Microsoft's part.
A case in point is the abysmal failure of Passport. Sure it has hundreds of users, but nearly all of them were forced into getting it because they wanted a hotmail account. Very few people actually store all their personal details on there.This is just a ridiculous conjecture. Here is a slightly less ridiculous conjecture: Very few people used Passport because it turned out not to be very useful. Or how about this one: Very few people used Passport because it was obscure and very un-user-friendly? Or: there was always another way of conducting an online transaction, and when someone just NEEDS to order their rabbit leash, they just want it done with as soon as possible and don't want to be bother signing up for anything more than is absolutely necessary?
Re:Not such a bad idea (Score:5, Insightful)
Now, I've been downloading updates for the last hour or so now. I understand that the Microsoft site is probably pegged following all the media coverage of the latest worm, but nonetheless, I'm a broadband user and it's still taking me a significant chunk of time to download all these updates.
Dialup can only be worse. If MSFT wants to keep the users current they've gotta either find some way of updating Windows that's not quite so hard on dial up (mailing CDs sounds good) or they need to find some way to bring the average patch size down. I have a hard time buying into the idea that the problems in the system really require a patch of that size. With a little more creative work you'd think they could find a more efficient way to insert the new code.
But can you trust the update system? (Score:2, Insightful)
At least until someone finds out that the update system itself is broken and uses it to directly install stuff into your computer.
Oh wait... they've been on secure programming for some time now... ain't gonna happen.
Re:As long as there are no automatic EULA changes (Score:5, Insightful)
I can see Microsoft arguing to a court that the use of the software implys that they automatically accept a new EULA with each patch; however, I would be very shocked and dismayed if any court in the US would uphold that you could automatically agree to licensing changes without being at least notified that a change had taken place.
Microsoft could worm their way around the last part with a pop up window asking you to accept the latest EULA; however, that would be a public relations nightmare, and even though Microsoft is keen to kill off any professional competition, they are not in business to openly defy their users.
The only way an EULA holds up as legal when not read (if my memory serves me correctly) is that you implicitly agreed to it by opening the box. Automatic EULA updates lack even this token agreement. If the automatic update is turned off by default, you might be seen as "implicitly" agreeing to all future EULAs by turning it on. If it is on by default there's no action to bind you to any sort of agreement.
Mabye they'll put in a clause, "By agreeing to use this software you agree to all future licensing agreements with respect to this software which will invalidate this agreement", ie viral EULA.
Of course I'm not a lawyer, but if you believe this is sound legal advice, let me write your will.
Re:Not such a bad idea (Score:5, Insightful)
Sounds like you're unreasonably paranoid. I've been using Windows 2000 for three years and whenever I need to reinstall (usually due to hard disk crashes or building a new machine. NEVER because the OS or Microsoft did something stupid) the first thing I do is go get all the updates. Nobody who is "technically savvy" wants to run a version of their OS that is three years old. Why? For reasons of security, stability, and compatibility with new software. Why not have the OS go find them for me?
Stop speaking for me. I consider myself technically savvy due to my degrees in Electrical Engineering and Computer Science as well as my hobby of building PCs for my friends. At first, when a service pack added the auto-update feature to W2K, I had it set to let me verify updates, but then I noticed something: I kept hearing about worms and vulnerabilities in Windows on Slashdot and from my friends a day or two after I saw my PC automatically find the fix from MS. It certainly beats going to windows update myself after the fact. I let auto-update have free reign after that discovery.
The fact is that most people who use Windows do not understand that they need to update their OS in order to keep their computer running. What's the first thing you do if you try installing a piece of software and it doesn't work? Roll back to a earlier backup? I doubt it. If your hardware seems to be working you go and get all the current driver and OS updates because developers usually release their software built on platforms with recent OS and driver versions.
Obviously I think automatic updating could be a good thing, but there could be some problems. Nobody with a modem connection wants their OS to automatically dial in and start downloading 15MB patches. You also may not want your server to start downloading patches at peak traffic hours. I hope that MS leaves the option for user input for these reasons. It also only currently downloads critical updates. Their decisions about what is critical have been reasonable so far.
One good thing that you might not see coming from the auto-update is that now you don't need Internet Explorer to use the windows update site.
Re:Not such a bad idea (Score:5, Insightful)
Right now we're holding off applying Win2K SP4 to our web servers. It contains a change to the security model that will break some of our ISAPI extensions. The fix is trivial, but we haven't had time to check it out on a test bed, nor deploy it to all our servers (unfortunately we have to do them manually as we don't have anything like SMS deployed).
Re:M$ worm. (Score:4, Insightful)
Idiot proof everything, like the way the standard RedHat install sets up all basic command line functions to be verbose by default. And then as you learn more about what you're doing you can set these preferences to something else.
Don't forget, people, in general, hate to A) Read and B) Learn
Then, as the user becomes more proficient, s/he can set things up the way they like.
Think about it, if you don't know enough about something to know how to turn it on or off, do you really think you should be able to choose if it's on or off?
Re:M$ worm. (Score:5, Insightful)
I don't want to stick up for MS or anything but the problem is the user. If there is a patch availiable and the user doesn't install it then it is the user's fault (even if the user is ignorant).
The way I see it there are two obvious solutions...
1. Force the update on people.
2. People should have to have a licence to own a computer and take a test so that they understand security issues. Now I realise that sounds a little extreme but if you take into account the the cost in bussiness that worms cause then it might be a good idea. It would certainly get rid of the ignorance defense.
Re:No thanks (Score:5, Insightful)
typical users DON'T leave their home computers on when they don't use them btw.
and need that phone line occasionally for phone calls, i'm sure you've had one, but some people get them like all the time even on their landline.
most people when they are online with their modem, are in the middle of doing something important(they wouldn't be online unless they were). using the phone line isn't free either in majority of countries, so leaving it to up to the os to decide when to dial up is not an option.
the bloated drivers and updates are a real problem in todays world when you're trying to keep your relatives little computers running good enough (nvidia drivers take +30mb, for example). sure it isn't a problem when you have 100mbit jack on the wall but majority of people don't have that.
Of course they should (Score:3, Insightful)
Re:oh yeah? (Score:5, Insightful)
Additionally I would hate to think that computers would roll out with auto update automatically enforced on home users machines. Quite a few home users wouldn't know if they had turned it off or not for one. Can you trust Microsoft to have tested the patch against software you use? What if you've got a "pay for use" internet account? Do you want to pay for the bandwidth Microsoft uses? HINT: Think service pack. What if a patch goes wrong or the home user mistakes it for a virus and forces a shut down in the middle of a service pack?
I'm not going to suggest that Microsoft would use this to monitor individuals or covertly take over peoples machines, that's just more FUD. I do think, however, that the last thing Microsoft needs to do to their software is add another automated feature that can be comprimised and easlity manipulated because it's already built for interaction with external machines over an inherantly insecure environment.
You don't fix a hole in a dam by adding more holes.
They're just blame-shifting (Score:3, Insightful)
Yes, no OS is perfect. But, their attitude here seems to be "you deserve to get hit if you didn't apply the patch-of-the week".
Re:Not such a bad idea (Score:3, Insightful)
And my argument (as is the argument of many others) is that its my machine and I'll make the decisions as to which updates I need. Take, for example, the 'Critical update' for OE 6. Why would I need to install an update for OE when its never been used on my computer? Sure, slap the latest Service Pack on your box - as long as its relevant.
There are also several documented instances where an update or service pack breaks another software component. In the case of my work system, the last service pack for 2000 would break Rational Robot. Yes, I know business users could disable the feature, but what about home users with the same software and the occasional VPN connection?
Stop speaking for me. I consider myself technically savvy due to my degrees in Electrical Engineering and Computer Science as well as my hobby of building PCs for my friends.
You sound more like someone who feels the need to brag about your college education. No? A simple 'I'm technically savvy' would've sufficed. No one here cares about your credentials.
The fact is that most people who use Windows do not understand that they need to update their OS in order to keep their computer running.
Bullshit. You only update your computer if a fix addresses a problem present on your PC. Ask anyone who works in support if you should apply all fixes simply because they're available.
Re:Not such a bad idea (Score:5, Insightful)
Too dumb? How about just not interested? Many people just want their computer to work, the way their car and dishwasher "just work". They couldn't care less about any of the technical details. Resistance from arrogant fucks like you has been holding this back, and Microsoft is finally making a bold move in the right direction.
5 words for you ... (Score:3, Insightful)
[RANT]
Remember this gem? All the people that installed it had inoperable machines. It was so bad that it was recalled *6* hours after being posted. Then a week later came SP6a. I definitely do *NOT* want them pushing crap to my machines. I have no problem getting my own updates. Set up auto-update by default, but let those of us that know what we're doing be able to turn it off. I'm all for (l)users getting crap in general (not necessarily viruses/virii). Maybe that will get them off computers and leave them to the experts.
How come everyone and their brother is allowed to operate a computer at will, but I need a license to fish?
[/RANT]
-Ab
Re:M$ worm. (Score:3, Insightful)
Clearly the technology's simplicity is oversold. "Anyone can use it!" Hey, how about some intelligence/knowledge requirements for voting? Right now, just anyone can vote.
Ugh (Score:3, Insightful)
Re:Not such a bad idea (Score:3, Insightful)
Thank you for pointing this out. People don't want to know how the computer works, they just want it to work. I want to write an email, push the email button on my keyboard and click send. That's how a car works. 2% of the American population could actually fix anything that goes wrong with their car, why expect it to be different?
It's because of the computer elitist group (Hi Slashdot!) that computers "scare" people. They aren't interested, and would rather just have someone who is interested fix their problems. There is nothing wrong with that, and it doesn't make them stupid.
(On a side note, there are a lot of stupid people, like those who use white-out on the screen, etc.)
Re:imagine... (Score:3, Insightful)
Aren't MS patches signed? If they are, then fooling your computer (say, by poisoning dns) into connecting to a non-ms site would only yield invalid downloads. Even if they hijaak the actual servers, if they don't have the key, the result will be the same.
MS might produce crappy software (and some very good software IMHO) but surely with their resources they probably already considered this posibility.
Re:Not such a bad idea (Score:5, Insightful)
It'd be pretty damn noticable on my British Telecom phone bill.
Not everywhere has free/inclusive local calls, remember.
Re:M$ worm. (Score:2, Insightful)
Re:M$ worm. (Score:1, Insightful)
Yes, you can stand back and say "it's the users fault". But when did the user click an agreement to spend inordinate amounts of time patching his OS? Did I miss the pop-up box during installation that said 'We're sorry if you're on dialup, but you will and should update this operating system at least once a week, or even more often.'
There is a large difference between routine maintenance and an obscene level of commitment. For many (and I'm sure that most of the users on Slashdot forget this) the computer is a tool that they may turn on only once or twice a WEEK. Unusual? Hardly. The majority of the US still doesn't even have broadband.
When you're going at the rate of a couple patches a month, and this for a product that is only used a couple times a week by MOST USERS, that equates to changing the oil in your car roughly once ever 2-3 days. And who the hell is going to do that?
Not everyone is a computer addict like the folks at slashdot.
Re:No thanks (Score:3, Insightful)
Do you not sleep, or what? And of course they're not going to download in one shot, that's what resumable multi-part downloads are for.
typical users DON'T leave their home computers on when they don't use them btw.
I feel like a broken record saying this, but you don't speak for everyone. Unless you regularly provide in-home support for a wide variety of users in many different countries, which I doubt, you just can't assume that.
I can only speak for what i've seen in my corner of the US, and some friends in England, Australia, Canada, and Russia, but any "typical" user i've seen leaves their PC on 24-7 or close to it. The university [rit.edu] I attend leaves the umpteen computers in it's public labs on continuously. I don't think i've ever seen a system turned off there unless it had some sort of failure.
Re:M$ worm. (Score:1, Insightful)
That's the difference between open source and proprietary: It's about what *you* want, not what the *vendor* wants. You never give up control.
Re:Who is liable? Will it reboot too? (Score:1, Insightful)
Re:oh yeah? (Score:3, Insightful)
I think that Microsoft should halt development and roll out of it's next OS's until it's fixed the base functions. They should start from the beginning, and review the code line by line with a focus for security. Stop adding more and more features until you've fixed the old ones.
I know, NO OS is 100% secure, no program in unhackable and being the biggest boy around Microsoft is also the biggest target. That doesn't excuse their continued shody behaviour.
lol, I say this, knowing of course, that it will never happen. It's not in Microsofts interests (nor the interests of their shareholders) to go back to code and rewrite and rebuild. I personally think it would be good corporate behaviour to do it though.
This is a little off topic but consider your car. What if your car manufacture refused to fix your older vehicle because they no longer support that model? The public would crucify them. But Microsoft does exactly that by terminating patches and support for older OS's. Those older machines, if they provide the base code for the exploits in the current release, are then potential holes. I don't know about you but I'm still running a copy of 98 at home for games because it works and is stable (sorta).
Anyways, back on topic, I agree. We've all bitched about Microsoft being insecure and when they try and make right we bitch some more. And it's not giving them a fair shake. Who knows, maybe this will be the tool that saves everything. I for one am getting sick of paying for bandwidth that gets absorbed by virus's and spam. Actually, I think we should hold the ISP's more responsible.
Re:M$ worm. (Score:5, Insightful)
If 90% of the users don't know how to make a call in their new cell phone is the fault in the users or in the cellphone?
If 99.99% of the users cant read a book written in latin should we:
a) Translate the book
b) Teach everyone latin
Only people who would even consider option b are computer engineers.
If you don't like the fact that most people are ignorant about inner life of computers? Go back to BBSes. Oh wait, they dont have the content, the people, the cheap connectivity? Has it occured to you that those exist because internet is full of people! You cant have it both ways.
If companies think being on the internet is dangerous who forces them to put critical services there? Maybe they are there because the gains outweight the benefits?
And before you throw in the facts about traffic laws... Majority of drivers are in favor of some sort of laws existing, I'd even bet that they support the majority of the current laws. What you'd want is a law supported by the few, benefitting the few, paid by the majority (in work hours wasted studying computer security).
Re:Not such a bad idea (Score:3, Insightful)
As opposed to a using a system that just works?
Re:M$ worm. (Score:5, Insightful)
If someone sends a particularly malformed request to a process on your machine it won't run right. Is that a recallable defect?
I'd say no in both cases.
Re: Not such a bad idea (Score:3, Insightful)
> Microsoft are MORONS. The fix for this particular worm required SP2 or greater. That is 8 hours and 10 minutes over dialup.
Think how fun it's going to be when you re-install your media and then get to download three years of cumulative updates.
Funny. (Score:3, Insightful)
2) People whine that users are too lazy/stupid to install the patches
3) People whine about automatic patch installation
Well geez people, it looks like you're going to have to quit whining about at least one of these three things, because they aren't all compatible. If we admit that users are too ignorant/lazy/stupid to install patches, then we have no right to complain about MS wanting to automatically update things, because everyone is complaining that their security is terrible. It isn't fair to put people into an impossible situation like that, then blame them for it.
Like my ex-NASA boss likes to say: "Faster, better, cheaper. You can pick two."
Re:Ah Samrt Linux Users Rebuke YOu (Score:2, Insightful)
Have you ever installed RedHat? (Score:3, Insightful)
It's not an attack on linux it's a fact of who is using the system and who is setting it up? IF it's the same person they are significantly more likely to use ROOT. This is the reason Linux has almost zero likelihood of being successful on the Desktop, it requires conceptual understanding of security and the how and why you should(n't) run as root. Grandma doesn't care.
Plus, most users of computers learnt the Windows-Way. All Admin, All the time.
If we could just get rid of the hackers there would be no security issues. BURN THEM AT THE STAKE!!! lol, j/k
Agree to new EULA (Score:1, Insightful)
Re:Funny. (Score:2, Insightful)
Indeed (Score:5, Insightful)
The frightening bit is that my mom, a Physician's Assistant, will tell you the same thing about people and their bodies. She gets in all sorts of cases where people have had horrible things wrong with them and haven't bothered to come in for a week, or the guy who drank 3 40-oz. beers a night, and his main concern was wondering why he had to wake up to go to the bathroom so often.
(as for dishwashers, most of them require you to at least scrape your plate before you put it in, and my father, having cleared out a dishwasher that pretended you didn't have to do that, will tell you that they ALL require this.)
That's even SLOWER and less reliable (Score:3, Insightful)
How reliable is a non-standard download protocol? Maybe it's described in the paper, and if I can't download the paper about BITS, I'm skeptical about using BITS to download hotfixes :-)
Re:Not such a bad idea (Score:2, Insightful)
Gee, put some effort in configuring Windows too, and you'll never have this kind of trouble
Buzzz. Wrong. The .NET Framework won't be part of the system until Longhorn. Either you personally install it, or it doesn't get installed or updated automatically. The problem lies somewhere else
Guess what? it does have one. It's part of the native IPSec service. See this tutorial [wmich.edu], and, in general, avoid Norton products like rats with bubonic plague
Yeah, quite annoying, but blame sloppy Windows developers for that (system file protection is good. I didn't realize it until an install of Corel DRAW 9 on Windows NT 4 overwrote msvcrt.dll with an earlier version, and I was blamed). However, I've reversed it, discovered where the list of protected files is (sfcfiles.dll), in which format, and I can hand you a bogus sfcfiles.dll (with sources, if you're curious) that disables file protection completely by returning an empty list of files. Mail me if you are interested
Re:I love home users. (Score:2, Insightful)
legal and "real" liability for a toaster (Score:2, Insightful)
However it is looked at above we then must ask what is acceptable "problem fixing" behavior and methodology. Should I just walk in the customer's homes and fix it myself or should I at least schedule a time when convenient. What happens if my "fix" causes other problems or just incompatabilities and lost bread? For that matter, what about all that bread lost from my inept development?
What if some customers have bothered to pay attention to my lack of commitment to quality in both the initial development and in fixes and as such do not trust me to fix their systems until they hear from all their neighbors what they have experienced as a result of the fix? They may have real concerns that my toaster fix will not work and cause other problems and more lost bread. They may have even had relatives or friends be electrocuted.
What about other appliances? Perhaps in the past I have noticed that other components plugged into the electrical grid of the house fail to operate after earlier toaster patches. Maybe my refridgerator stops working and my Microwave's light and half of its controls go out. Who pays for those repairs?
I can tell you with certainty that if this was indeed about toasters (or TV's, Washers, or Microwaves) that there would not be any toaster makers in business still that produced such crap as Microsoft does. I think MS has done some great things but it is often hard to see the roses when all your vision is blurred by blood from the thorns.